服务器部署cas,登录后页面提示INVALID_PROXY_CALLBACK

然后查看cas的日志,日志报以下错误:

2018-06-29 11:36:06,251 ERROR [org.jasig.cas.util.http.SimpleHttpClient] - java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-emptyat sun.security.ssl.Alerts.getSSLException(Unknown Source)at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)at sun.security.ssl.SSLSocketImpl.handleException(Unknown Source)at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353)at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:134)at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)at org.apache.http.impl.execchain.ServiceUnavailableRetryExec.execute(ServiceUnavailableRetryExec.java:84)at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)at org.jasig.cas.util.http.SimpleHttpClient.isValidEndPoint(SimpleHttpClient.java:136)at org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler.authenticate(HttpBasedServiceCredentialsAuthenticationHandler.java:69)at org.jasig.cas.authentication.PolicyBasedAuthenticationManager.authenticateInternal(PolicyBasedAuthenticationManager.java:220)at org.jasig.cas.authentication.PolicyBasedAuthenticationManager.authenticate(PolicyBasedAuthenticationManager.java:149)at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)at java.lang.reflect.Method.invoke(Unknown Source)at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:85)at org.jasig.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:128)at sun.reflect.GeneratedMethodAccessor123.invoke(Unknown Source)at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)at java.lang.reflect.Method.invoke(Unknown Source)at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:68)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168)at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:62)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:62)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:207)at com.sun.proxy.$Proxy49.authenticate(Unknown Source)at org.jasig.cas.CentralAuthenticationServiceImpl.delegateTicketGrantingTicket(CentralAuthenticationServiceImpl.java:392)at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)at java.lang.reflect.Method.invoke(Unknown Source)at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:85)at org.jasig.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:128)at sun.reflect.GeneratedMethodAccessor123.invoke(Unknown Source)at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)at java.lang.reflect.Method.invoke(Unknown Source)at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:68)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168)at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)at com.ryantenney.metrics.spring.MeteredMethodInterceptor.invoke(MeteredMethodInterceptor.java:45)at com.ryantenney.metrics.spring.MeteredMethodInterceptor.invoke(MeteredMethodInterceptor.java:32)at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)at com.ryantenney.metrics.spring.TimedMethodInterceptor.invoke(TimedMethodInterceptor.java:48)at com.ryantenney.metrics.spring.TimedMethodInterceptor.invoke(TimedMethodInterceptor.java:34)at com.ryantenney.metrics.spring.AbstractMetricMethodInterceptor.invoke(AbstractMetricMethodInterceptor.java:59)at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:207)at com.sun.proxy.$Proxy50.delegateTicketGrantingTicket(Unknown Source)at org.jasig.cas.web.ServiceValidateController.handleRequestInternal(ServiceValidateController.java:152)at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:146)at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:50)at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:959)at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:893)at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:967)at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:858)at javax.servlet.http.HttpServlet.service(HttpServlet.java:635)at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:843)at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)at org.jasig.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:250)at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)at org.jasig.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:62)at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85)at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:496)at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790)at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-emptyat sun.security.validator.PKIXValidator.<init>(Unknown Source)at sun.security.validator.Validator.getInstance(Unknown Source)at sun.security.ssl.X509TrustManagerImpl.getValidator(Unknown Source)at sun.security.ssl.X509TrustManagerImpl.checkTrustedInit(Unknown Source)at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)at org.jasig.cas.authentication.FileTrustStoreSslSocketFactory$CompositeX509TrustManager.checkServerTrusted(FileTrustStoreSslSocketFactory.java:281)at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(Unknown Source)at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)at sun.security.ssl.Handshaker.processLoop(Unknown Source)at sun.security.ssl.Handshaker.process_record(Unknown Source)at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)... 118 more
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-emptyat java.security.cert.PKIXParameters.setTrustAnchors(Unknown Source)at java.security.cert.PKIXParameters.<init>(Unknown Source)at java.security.cert.PKIXBuilderParameters.<init>(Unknown Source)... 132 more2018-06-29 11:36:06,259 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - HttpBasedServiceCredentialsAuthenticationHandler failed authenticating https://192.168.x.xxx:8080/uwp/proxyCallback
2018-06-29 11:36:06,260 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN
=============================================================
WHO: https://192.168.x.xxx:8080/uwp/proxyCallback
WHAT: supplied credentials: [https://192.168.x.xxx:8080/uwp/proxyCallback]
ACTION: AUTHENTICATION_FAILED
APPLICATION: CAS
WHEN: Fri Jun 29 11:36:06 CST 2018
CLIENT IP ADDRESS: 192.168.x.xxx
SERVER IP ADDRESS: 192.168.x.xxx
=============================================================2018-06-29 11:36:06,260 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN
=============================================================
WHO: https://192.168.x.xxx:8080/uwp/proxyCallback
WHAT: supplied credentials: [https://192.168.x.xxx:8080/uwp/proxyCallback]
ACTION: AUTHENTICATION_FAILED
APPLICATION: CAS
WHEN: Fri Jun 29 11:36:06 CST 2018
CLIENT IP ADDRESS: 192.168.x.xxx
SERVER IP ADDRESS: 192.168.x.xxx
=============================================================2018-06-29 11:36:06,262 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN
=============================================================
WHO: admin
WHAT: 1 errors, 0 successes
ACTION: PROXY_GRANTING_TICKET_NOT_CREATED
APPLICATION: CAS
WHEN: Fri Jun 29 11:36:06 CST 2018
CLIENT IP ADDRESS: 192.168.x.xxx
SERVER IP ADDRESS: 192.168.x.xxx
=============================================================

  说是证书有问题,然后又重新导入了证书还是报错

报错原因:

命令行启动tomcat时发现JRE_HOME路径是jre的,但是当时生成证书时放到jdk中了C:\SOFT\apache-tomcat-6.0.44\bin>startup.bat
Using CATALINA_BASE:   "C:\SOFT\apache-tomcat-6.0.44"
Using CATALINA_HOME:   "C:\SOFT\apache-tomcat-6.0.44"
Using CATALINA_TMPDIR: "C:\SOFT\apache-tomcat-6.0.44\temp"
Using JRE_HOME:        "C:\Java\jre1.7"
Using CLASSPATH:       "C:\SOFT\apache-tomcat-6.0.44\bin\bootstrap.jar"
C:\SOFT\apache-tomcat-6.0.44\bin>

  解决方法:

cas客户端和服务端分别放不同版本tomcat中。第二个tomcat的startup.bat和shutdown.bat文件增加了以下参数

SET JRE_HOME=C:\Java\jdk1.7
SET JAVA_HOME=C:\Java\jdk1.7
SET CATALINA_HOME=C:\SOFT\apache-tomcat-8.5.30

  

转载于:https://www.cnblogs.com/l412382979/p/9242830.html

cas-client登录后报INVALID_PROXY_CALLBACK相关推荐

  1. CAS client 登录认证 报不允许使用CAS来认证您访问的目标应用。

    CAS client 登录认证 报不允许使用CAS来认证您访问的目标应用. .. 解决方案: 修改src/main/resources/services目录下的HTTPSandIMAPS-100000 ...

  2. cas 单点登录_47 使用cas完成单点登录-02 搭建cas client完成单点登录

    上一节我们搭建了cas server.这一节我们将搭建两个客户端完成单点登录的测试. 1.前提约束 完成搭建cas serverhttps://www.jianshu.com/p/ed0c1359b8 ...

  3. cas单点登录系统:客户端(client)详细配置(包含统一单点注销配置)

    最近一直在研究cas登录中心这一块的应用,分享一下记录的一些笔记和心得.后面会把cas-server端的配置和重构,另外还有这几天再搞nginx+cas的https反向代理配置,以及cas的证书相关的 ...

  4. cas client 更新ticket_cas sso单点登录系列6_cas单点登录防止登出退出后刷新后退ticket失效报500错...

    转(http://blog.csdn.net/ae6623/article/details/9494601) 问题: 我登录了client2,又登录了client3,现在我把client2退出了,在c ...

  5. cas client 更新ticket_有人知道 cas单点登录系统是怎么样取得proxyticket的?

    展开全部 CAS 原理和协议 从结构上看,CAS 包含两个部分: CAS Server 和 CAS Client.CAS Server 需要独立部署,主要负责62616964757a686964616 ...

  6. SSO单点登录详解-------八、搭建CAS Client服务端

    一.前言 目前为止我们已经搭建好了CAS Server端,我们需要来搭建客户端配合使用,完成单点登录和单点注销的功能.我们将讲两种方式来搭建CAS Client端.一种是普通项目搭建,另一种是基于Sp ...

  7. cas client 更新ticket_SSO单点登录一:cas单点登录防止登出退出后刷新后退ticket失效报500错,也有退出后直接重新登录报票根验证错误...

    问题1: 我登录了client2,又登录了client3,现在我把client2退出了,在client3里面我F5刷新了一下,结果页面报错: 未能够识别出目标 'ST-41-2VcnVMguCDWJX ...

  8. web工程中集成cas单点登录

    背景 cas的服务端已经搭建成功,现在需要在web项目中集成cas client.我们项目使用spring 1.在pom中配置 <!--cas单点登录 --><dependency& ...

  9. CAS单点登录0-原理

    CAS ( Central Authentication Service ) 是 Yale 大学发起的一个企业级的.开源的项目,旨在为 Web 应用系统提供一种可靠的单点登录解决方法(属于 Web S ...

最新文章

  1. SciDB 15.7 centos6.5 安装教程
  2. 海口这家只收5元的理发店火了 顾客求涨价老板都不肯
  3. zookeeper单机安装
  4. java 静态方法与实例方法的区别_静态方法与实例方法的区分
  5. 图文详解如何搭建Windows的Android C++开发环境
  6. 求以下double数组的平均值(四舍五入保留两位小数):
  7. 【LeetCode笔记】15.三数之和(JAVA、双指针)
  8. SQL Server上的审计表和数据版本控制
  9. AcWing 3. 完全背包问题(完全背包模板)
  10. udhcp源码详解(二)--转
  11. matlab实现带通滤波器的方法,数字信号处理课程设计---带通滤波器的设计及其MATLAB实现.doc...
  12. 计算机和信息系统安全保密管理规定,图文信息中心 计算机信息系统安全保密管理规定...
  13. 中兴电视盒子破解记录
  14. 用python做自我介绍_使用Python实现自我介绍
  15. [论文阅读]LDSA:Learning Dynamic Subtask Assignment in Cooperative Multi-Agent Reinforcement Learning
  16. php 法定节假日接口,通过百度接口获取每一个月的工作和法定假日
  17. Android设置WIFI静态IP
  18. 自编剧本——爱上坑神姐姐的少女(很H很暴力)
  19. Java操作Word图表
  20. C++语法(二十一)友元的三种实现

热门文章

  1. JavaScript学习笔记(四)——jQuery插件开发与发布
  2. php学习笔记细节部分。
  3. Spring学习(24)--- AOP之 Aspect instantiation models(aspect实例模式)特别说明
  4. VB6 无法加载ieframe.dll,导致不能使用 浏览器控件--(转载)
  5. 虚拟机下安装vmtool
  6. ArcGIS Flex API 中的 Flex 技术(一)--事件
  7. 最长非下降子序列(O(nlogn))(offer收割)
  8. Python学习之路20-数据模型
  9. Eclipse中安装Ext插件(Spket IDE)
  10. JDBC学习笔记——事务、存储过程以及批量处理